Hathaway Resignation Leaves Cybersecurity Leadership Void

Melissa Hathaway, who has served as the White House's acting cybersecurity czar, has opted to step down from the position. A George W. Bush holdover, Hathaway was regarded as a leading contender for the permanent post of cybersecurity chief in the Obama administration. Politics and questions regarding which agencies the post will answer to may have been factors in Hathaway's decision.

By Renay San Miguel
08/05/09 11:24 AM PT

The Obama administration appears to be having as much trouble as its predecessors in decrypting the secrets of how to retain its cybersecurity advisers.

Monday's resignation of Melissa Hathaway, who served as acting senior director for cyberspace for the National Security and Homeland Security Councils, has Washington insiders and tech industry observers buzzing about yet another roadblock in President Obama's intention to revamp network protection policy. Hathaway, a Bush administration holdover, completed a two-month study of U.S. cybersecurity policy in April, and in late May the president himself delivered a major speech in which he announced his intentions to make the issue a top priority for his administration. He also pledged to be hands-on in choosing the person to help shape that policy.

However, August has begun, and while the president has other significant agenda items to deal with -- a struggling economy, renewed troubles in Afghanistan, the healthcare reform debate -- he still has no one to lead the charge on protecting the nation's digital networks.

Hathaway was seen as having the inside track for the cybersecurity czar's post, answerable only to Obama. However, media reports indicate that Beltway bureaucracy and power struggles may have soured her on the opportunity.

D.C. Business as Usual

In an interview with the Washington Post, Hathaway indicated she wasn't willing to wait and felt she could do more to help the president's efforts from outside the capital. A Wall Street Journal story quoted sources as saying Hathaway may have raised eyebrows among administration officials with ideas regarding regulation of private sector networks. There were also questions about whom she would answer to after reports surfaced that National Economic Council Director Larry Summers wanted in on cybersecurity decisions.

It's all part of how D.C. works, no matter which administration is camped out in the Oval Office, and observers shouldn't worry too much about who's watching the infrastructure while this goes on, according to Fred Burton, vice president of counterterrorism and corporate security for global intelligence company Stratfor.

"The system's very robust and capable and purposely made to function that way," Burton told TechNewsWorld. "You're going to have a lot of flux, a lot of turnaround in senior positions, a lot of burnout. A lot of folks don't know what they're getting into when they step into these jobs at times. A lot of private sector folks aren't used to the bureaucracy and the process that's engaged."

Who's Watching the Digital Networks?

The situation is analogous to an embassy that has no permanent U.S. ambassador in place, Burton said. The lack of someone filling that chair doesn't mean diplomacy takes a holiday while the search is underway for a new ambassador. "It's probably more important to get that position right, meaning finding the right person who's interested in doing the job," he said.

Director of National Intelligence Dennis Blair, Defense Secretary Robert Gates and the heads of the CIA and FBI continue to give President Obama the latest on potential network threats from other countries and rogue states, international organized crime and individual homegrown hackers during the daily White House briefings, Burton said. "When the president looks around and asks the DNI or DCI a question on this, you're going to have capable and quick comments back on this topic," he added.

The longer the delay in naming a cybersecurity chief, however, provides more chances for risk. "Now where you do see a bit of dysfunction is when the position goes vacant for a long period of time. Let's say we have a year or 18 months of this, and you have a new appointment in this position, and they want to take things in a different direction. Then you get policy disruptions," Burton said.

To that end, White House officials have said that the search has been ongoing for a national cybersecurity czar. The Journal says several people have already turned down the job, and the Post cited as source who claimed 30 people had already been interviewed.